[Dnsmasq-discuss] Bug report: authoritative zone transfers for PTR domains

Daniel Bromberg daniel at basezen.com
Fri Jan 31 20:05:07 GMT 2020


Somehow one always finds essential information after sending out an e-mail to a mailing list.

The manpage indeed states:

  > Note that at present, reverse (in-addr.arpa and ip6.arpa) zones are not available in zone transfers, so there is  no  point  arranging  sec-
  > ondary servers for reverse lookups.

So I revise my report to a bug in the man page, since the workaround is worth mentioning.

I’ll work on a patch.

-Daniel

> Le 31 janv. 2020 à 14:52, Daniel Bromberg <daniel at basezen.com> a écrit :
> 
> Hello from a list new-comer.
> 
> Consider running on the network 10.0.0.0/8, serving DHCP on that subnet, and wishing to publish both the forward and reverse zones to secondary caching servers: example.com <http://example.com/> and 0.0.0.10-in-addr.arpa.
> 
> While dnsmasq creates and serves individually the necessary PTR records given an auth-zone option:
> 
> auth-zone=example.com <http://example.com/>,10.0.0.0/8,lan0,br0
> 
> it does not believe it's authoritative for the PTR zone.
> 
> The workaround is to add:
> 
> auth-zone=0.0.10.in <http://0.0.10.in/>-addr.arpa,lan0,br0
> The logic in the startup code is simple: the authoritative zones are exactly the set encountered in the options file; nothing else is implied. What results is inconsistency, because dnsmasq essentially lies by supplying an authoritative claim via NS and SOA records on 0.0.10.in <http://0.0.10.in/>-addr.arpa then refuses to do a zone transfer.
> 
> There seems to be little interest in reverse DNS zone transfers; this workaround is not found in the manage or anywhere I could find.
> 
> On ServerFault: https://serverfault.com/questions/929891/how-to-let-dnsmasq-transfer-a-reverse-zone/1001286#1001286 <https://serverfault.com/questions/929891/how-to-let-dnsmasq-transfer-a-reverse-zone/1001286#1001286>
> 
> Kind regards,
> -Daniel
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20200131/bb856040/attachment-0001.html>


More information about the Dnsmasq-discuss mailing list